New flaw in Microsoft Excel Researchers from Sunnyvale, Calif.-based security vendor Fortinet Inc. and Danish vulnerability clearinghouse Secunia are warning of a new flaw in Microsoft Excel that attackers could exploit to run malicious code on targeted machines. "A remote improper memory access vulnerability exists in Microsoft Excel which could allow an attacker … to take complete control of the affected system," Fortinet said in an advisory.

Download this free guide

How businesses can win talent war with mobile apps, HR data analytics and cloud technology

Latest articles on HR best practices: mobile apps disrupting the annual staff appraisals; reasons for and against open-source software; and Rolls-Royce case study.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Secunia said in an advisory that the problem is an unspecified error that occurs when certain .xls files are opened in Internet Explorer. "This can be exploited to execute arbitrary code via a specially crafted XLS file with a certain unspecified opcode," Secunia said, adding that users should steer clear of untrusted Microsoft Office documents.

Microsoft will release its monthly security patches Tuesday, and three updates will address Microsoft Office. At least one of the Office updates will fix critical problems, the software giant said.

Suspicious traffic rising on Port 6502 It appears attackers are still trying to exploit a flaw in the CA BrightStor ARCserve Backup Tape Engine that first came to light in November. The Bethesda, Md.-based SANS Internet Storm Center (ISC) Web site speculated that this could be the reason for an increase in suspicious traffic on Port 6502. The ISC is asking IT professionals who notice increased activity in their environments to send some packets for study.

"It's interesting to note the length of time that passed on this one if this is indeed still the same vulnerability they are attempting to exploit," ISC handler Swa Frantzen said on the Web site.

McAfee hires new security chief and other execs Santa Clara, Calif.-based antivirus firm McAfee Inc. has been mired in a stock options scandal in recent months that resulted in former president Kevin Weiss's expulsion last fall and the resignation of CEO George Samenuk. Now, the company hopes to get beyond it with the hiring of three senior-level executives.

McAfee hired Martin Carmichael to serve as the company's first CSO, while Bill Curtis will be chief process officer and Carl Banzhof will be vice president and chief technology evangelist. McAfee said the hires will allow it to bolster development of new products and services while strengthening the company's business and operational infrastructure.

"The industry expertise that Martin, Bill and Carl bring with them will put McAfee in a strong position as we start 2007 as a new year of growth and innovation," Dale Fuller, McAfee's interim chief executive officer, said in a statement.

Fuller took over as interim CEO in the wake of the stock scandal.

Check Point completes NFR acquisition Check Point Software Technologies Ltd. announced Monday that it has completed its $20 million acquisition of Rockville, Md.-based NFR Security. The Israeli enterprise security vendor first announced the deal last month, saying Check Point's SmartDefense and NFR's Hybrid Detection Engine (HDE) will offer customers "precise, real-time attack prevention" by combining pre-emptive type-based protection from SmartDefense with the "highly granular and accurate attack detection" provided by the HDE.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy